README-ned-settings
NED settings details
This NED is equipped with a number of runtime configuration options "NED settings" allowing for customization by the end user. All options are configurable using the NSO API for NED settings. Most NED settings can be configured globally, per device profile or per device instance in the following locations:
global /ncs:devices/global-settings/ned-settings/alu-sr/ profile /ncs:devices/ncs:profiles/profile:/ned-settings/alu-sr/ device /ncs:/device/devices/device:/ned-settings/alu-sr/
Profiles setting overrides global-settings and device settings override profile settings, hence the narrowest scope of the setting is used by the device.
If user changes a ned-setting, then user must reconnect to the device, i.e. disconnect and connect in order for the new setting to take effect.
From the NSO CLI the device instance NED settings for this NED are available under:
# config
# devices device dev-1 ned-settings alu-sr
Press TAB to see all the NED settings.
Table of contents
1. ned-settings alu-sr
2. persistent-store
3. meta-data
4. logger
5. proxy
6. proxy2
7. live-status
7.1. auto-prompts
8. developer
9. connection
10. get-device-config-settings
10.1. detailed-config
11. apply-device-config-settings
12. behaviour
13. transaction
13.1. config-abort-warning
13.2. config-ignore-error
14. console1. ned-settings alu-sr
- alu-sr trans-id-method <enum> (default config-data)
Configure how the NED shall calculate the transaction id. Typically used after each commit and
for check-sync operations.
config-hash - Use a snapshot of the whole device running config
for calculation.
rollback-timestamp - Use the time stamp of the latest rollback checkpoint
for calculation. The system rollback feature must be
on.
last-modified-timestamp - Use the 'time last modified' time stamp generated by
the ALU device for calculation. Note, this time
stamp is not available on all ALU devices. See
README.
last-saved-timestamp - Use the 'time last saved' time stamp generated by
the ALU device for calculation. Note, this method is
not reliable. See README.
last-modified-and-last-saved-timestamp - Use the 'time last modified' and 'time last saved'
time stamp generated by the ALU device for
calculation. Note, this method is not reliable. See
README.
config-data - Use a snapshot of the device running config filtered
through NED yang schema - eg removes device data
that it is not modeled by the NED.
- alu-sr candidate-commit <enum> (default disabled)
Make the NED use the candidate commit feature available on some ALU devices.
disabled - Apply configuration the standard way, one-by-one. (default).
enabled - Apply configuration into a candidate and then commit it.The candidate feature must
be enabled on the device.
- alu-sr extended-parser <enum> (default auto)
Make the alu-sr NED enable extensions to ease the task of the NSO CLI command parser. A common
problem with this parser is that it can easily get lost when trying to parse ALU configuration
not supported by the YANG model. In particular it is very sensitive for unsupported config
that generates a mode switch.
disabled - Load configuration the standard way.
robust-mode - The configuration dump is run through a pre-parser which is cleaning it from
all elements currently not supported in the YANG model (default).
turbo-mode - The NED executes the whole command parsing by itself, completely bypassing
the NSO CLI parser. The configuration dump is transferred to NSO using a
Maapi SetValues() call.
turbo-xml-mode - The NED executes the whole command parsing by itself, completely bypassing
the NSO CLI parser. The configuration dump is transferred to NSO in XML
format.
auto - Uses turbo-mode when available, will use fastest availablemethod to load
data to NSO. If NSO doesn't support data-loading from CLI NED, robust-mode
is used.
- alu-sr number-of-lines-to-send-in-chunk <uint8> (default 100)
Number of commands lines in a chunk sent by the alu-sr NED to the device. Default is 100. A
higher number normally result in better performance but will also have negative impact on the
error handling. This command does also control the chunk sizes used in partial show bulk
mode.
- alu-sr partial-show-method <enum> (default bulk-mode)
Method to use when executing a partial show on the device (for instance when doing a 'commit
no-overwrite').
bulk-mode - The NED executes in a bulk mode fashion. Commands to display config on the
requested locations on the device are sent in chunks to minimize the round trip
time. The result is gathered when all commands have been sent to the device.
(default).
walk-mode - The NED walks the config tree on the device step by step and extracts the
config on the requested locations. This method is much slower than bulk mode
but can be an alternative for devices that are not able to handle chunks of
commands properly.
filter-mode - The NED fetches a full configuration dump from the device. It then filters out
everything except the requested the parts. The filtered config is then sent
back to NSO.Note, this method is always used when connected to a NETSIM device.
2. ned-settings alu-sr persistent-store
Configure how the NED shall save configuration to persistent memory.
- persistent-store admin-save <enum> (default on-persist)
Configure how and when an applied config is saved to persistent memory on the device.
on-commit - Save configuration immediately after the config has been successfully applied on
the device. If an error occurs when saving the whole running config will be
rolled back.
on-persist - Save configuration during the NED persist handler. Called after the config has
been successfully applied and commited If an error occurs when saving an alarm
will be triggered. No rollback of the running config is done. (default).
disabled - Disable saving the applied config to persistent memory.
- persistent-store file-url <string>
Configure a file/URL to save config in. If not set, system default will be used.3. ned-settings alu-sr meta-data
Configure how the NED shall operate on the meta-data / cli extension tags used in the YANG model.
- meta-data shutdown-before-set <enum> (default enabled)
This operation makes the NED shutdown a parent before (given by path) setting the value of
this leaf, Default: enabled.
enabled - enabled.
disabled - disabled.
- meta-data redeploy <enum> (default enabled)
This operation makes the NED redeploy another leaf (given by path) after setting the value of
this leaf, Default: enabled.
enabled - enabled.
disabled - disabled.
- meta-data re-enter-authentication-key <enum> (default auto)
Configure the NED to support re-entering of the key value when configuring auth keys on
certain router protos. Only relevant on devices running TiMOS 15 or later and booted in
FIPS-140-2 mode, Default: auto.
enabled - enabled.
disabled - disabled.
auto - auto.
- meta-data check-ospf-area-id <enum> (default enabled)
This operation makes the NED throw if an OSPF area id is configured in integer format, since
it will otherwise cause an out of sync issue with the device. The OSPF area id shall always be
specified in ipv4 format. This is how it will be displayed by the device.
enabled - enabled.
disabled - disabled.
- meta-data check-service-id <enum> (default enabled)
This operation makes the NED throw if a string formatted service id is used for a
vpls/vrpn/epipe/cpipe service. When configuring services through NSO the numeric id shall
always be used to avoid out-of-sync issues with the device.
enabled - enabled.
disabled - disabled.
- meta-data bgp-neighbor-wait-after-delete <uint8> (default 0)
This setting allows for setting a delay in seconds after deletion of a BGP neighbor entry
(default 0). Delete operations of neighbor entries can take some time to execute by the ALU
device. Some use cases require a small delay after the deletion. For instance when moving a
neighbor from one group to another.
- meta-data force-no-filter-name <enum> (default disabled)
This setting forces the absence of /filter/[ip|ipv6|mac]-filter/name which normally is present
in SR-OS >= 15.1 but is absent on certain models/versions.
enabled - enabled.
disabled - disabled.4. ned-settings alu-sr logger
Settings for controlling logs generated.
- logger level <enum> (default info)
Set level of logging.
error - error.
info - info.
verbose - verbose.
debug - debug.
- logger java <true|false> (default true)
Toggle logs to be added to ncs-java-vm.log.5. ned-settings alu-sr proxy
Configure NED to access device via a proxy.
- proxy remote-connection <enum>
Connection type between proxy and device.
ssh - ssh.
telnet - telnet.
serial - serial.
- proxy remote-address <union>
Address of host behind the proxy.
- proxy remote-port <uint16>
Port of host behind the proxy.
- proxy remote-name <string>
User name on the device behind the proxy.
- proxy remote-password <string>
Password on the device behind the proxy.
- proxy remote-secondary-password <string>
Enable password on the device behind the proxy.
- proxy authgroup <string>
Authentication credentials for the device behind the proxy.
- proxy proxy-prompt <string>
Prompt pattern on the proxy host.
- proxy remote-ssh-args <string>
Additional arguments used to establish proxy connection.6. ned-settings alu-sr proxy2
Configure NED to access device via a proxy2.
- proxy2 remote-connection <enum>
Connection type between proxy and device.
ssh - ssh.
telnet - telnet.
serial - serial.
- proxy2 remote-address <union>
Address of host behind the proxy.
- proxy2 remote-port <uint16>
Port of host behind the proxy.
- proxy2 remote-name <string>
User name on the device behind the proxy.
- proxy2 remote-password <string>
Password on the device behind the proxy.
- proxy2 remote-secondary-password <string>
Enable password on the device behind the proxy.
- proxy2 authgroup <string>
Authentication credentials for the device behind the proxy.
- proxy2 proxy-prompt <string>
Prompt pattern on the proxy host.
- proxy2 remote-ssh-args <string>
Additional arguments used to establish proxy connection.7. ned-settings alu-sr live-status
Configure NED settings related to live-status.
- live-status time-to-live <int32> (default 50)
Define time-to-live for data fetched from the device via live-status.(default 50).7.1. ned-settings alu-sr live-status auto-prompts
Pre-stored answers to device prompting questions.
- live-status auto-prompts <id> <question> <answer>
- id <WORD>
List id, any string.
- question <WORD>
Device question, regular expression.
- answer <WORD>
Answer to device question.8. ned-settings alu-sr developer
Contains settings used by the NED developers.
- developer load-from-file <string>
Make the NED load a file containing raw device config when doing sync-from. Does only work on
NETSIM targets.
- developer load-native-config allow-delete <true|false> (default false)
Enable this setting to be able to handle limited delete operations with 'load-native-config'.
Please note that not all syntax available on a real device works, some delete operations can
not be parsed by the NED. Use the 'verbose' flag to 'load-native-config' to see if delete
commands can be parsed. Currently this is only supported when 'extended-parser' is set to
'turbo-xml-mode'.
- developer load-native-config delete-with-remove <true|false> (default false)
Enable this setting to use 'remove' instead of 'delete' when sending delete operations to NSO.
This is useful when doing delete commands for data that might not be present in CDB. Please
note that deletes for missing data will still be part of transaction, and will be sent to
device. Use with care, and do proper testing to understand behaviour.
- developer platform model <string>
Override device model name/number.
- developer platform name <string>
Override device name.
- developer platform version <string>
Override device version.
- developer device-type <enum> (default netsim)
Real or simulated device.
netsim - netsim.
device - device.
- developer progress-verbosity <enum> (default disabled)
Maximum NED verbosity level which will get written in devel.log file.
disabled - disabled.
normal - normal.
verbose - verbose.
very-verbose - very-verbose.
debug - debug.
- developer read-only-bof <enum> (default disabled)
When this setting is enabled the bof config will be read-only.
enabled - enabled.
disabled - disabled.
- developer filter-password-emit <enum> (default disabled)
When this setting is enabled the system security user password are filtered when the NED
applies config to the device.
enabled - enabled.
disabled - disabled.
- developer trace-connection <true|false> (default false)
Enable developer connection tracing. WARNING: may choke NSO with large printouts.9. ned-settings alu-sr connection
Configure settings specific to the connection between NED and device.
- connection ssh client <enum>
Configure the SSH client to use. Relevant only when using the NED with NSO 5.6 or later.
ganymed - The legacy SSH client. Used on all older versions of NSO.
sshj - The new SSH client. Supports the latest key algorithms etc. This is the default
when using the NED on NSO 5.6 or later.
- connection ssh host-key known-hosts-file <string>
Path to openssh formatted 'known_hosts' file containing valid host keys.
- connection ssh host-key public-key-file <string>
Path to openssh formatted public (.pub) host key file.
- connection ssh auth-key private-key-file <string>
Path to openssh formatted private key file.
- connection connector <WORD>
Change the default connector. Default 'ned-connector-default.json'.
- connection number-of-retries <uint8> (default 0)
Configure max number of retries the NED will try to connect to the device before giving up.
Default 0.
- connection time-between-retry <uint8> (default 1)
Configure the time in seconds the NED will wait between each connect retry. Default 1s.
- connection terminal println-mode <enum> (default default)
default - System property line.separator default.
ocrnl - Translate carriage return to newline.
onocr - Translate newline to carriage return-newline.
onlret - Newline performs a carriage return.10. ned-settings alu-sr get-device-config-settings
Configure how the NED shall read config from the device.
- get-device-config-settings method <enum> (default cli)
The method to use.
cli - Dump the running config using the 'admin display-config' CLI command
(default).
sftp-transfer - Transfer the latest saved config from the device via the SFTP protocol. Note
that this method is not reliable. The latest saved config is not necessarily
the same as the running config. A NED configured for this will not be able to
detect out of band changes that have not been saved to file yet.Supported by
newer TiMOS versions.
scp-transfer - Transfer the latest saved config from the device via the SCP protocol. Note
that this method is not reliable. The latest saved config is not necessarily
the same as the running config. A NED configured for this will not be able to
detect out of band changes that have not been saved to file yet. Supported by
older TiMOS versions.
- get-device-config-settings file <string>
The name of the file containing latest saved config.
- get-device-config-settings save-running-config-first <enum>
Make the NED automatically save the running config to the specified file before starting the
SFTP/SCP transfer.
enabled - enabled.
disabled - disabled.
- get-device-config-settings extra get-port-speed <enum> (default disabled)
Makes the NED do an additional fetch of the speed setting on each port on the device. The port
speed is a setting that is trimmed by the device when set to default. This feature generates
one extra config dump, which might affect sync-from performance. The command used does not
work on TiMOS versions < 10. The feature is not used when connected to NETSIM.
enabled - enabled.
disabled - disabled.
- get-device-config-settings extra get-port-type <enum> (default disabled)
Makes the NED do an additional fetch of the port type on each port on the device.
enabled - enabled.
disabled - disabled.
- get-device-config-settings extra get-router-sgt-qos <enum> (default disabled)
Enable this flag to pull default values of router/sgt-qos.
enabled - enabled.
disabled - disabled.
- get-device-config-settings extra enable-detailed-config <true|false> (default true)
Enable/Disable fetching of detailed nodes configuration. NOTE: enabling this feature may lead
to sync-from time increase in case of big device configuration. In such case, read-timeut may
be needed to be increased.10.1. ned-settings alu-sr get-device-config-settings extra detailed-config
This is a list containing device config that needs to be fetched with detailed info (eg include device hidden defaults in the output). Note: each list entry is a regex pattern that will be used in the device 'admin display-config detail | match ' expression (regex to be tested on a real device to properly match the needed config).
- get-device-config-settings extra detailed-config <regex>
- regex <string>11. ned-settings alu-sr apply-device-config-settings
Configure how the NED shall write config to the device.
- apply-device-config-settings method <enum> (default cli)
The method to use.
cli - Configure through the CLI (default).
sftp-transfer - Transfer as file to the device via the SFTP protocol. Then apply the config
using the 'exec' command on the device.Supported by newer versions of TiMOS.
scp-transfer - Transfer as file to the device via the SCP protocol. Then apply the config
using the 'exec' command on the device.Supported by older versions of TiMOS.
- apply-device-config-settings file <string> (default cf3:/alu-sr-tmp.cfg)
The name of the temporary file to use when transferring the config (default:
'cf3:alu-sr-tmp.cfg'.12. ned-settings alu-sr behaviour
NED specific behaviours.
13. ned-settings alu-sr transaction
- transaction ignore-bof-in-trans-id <enum>
Configure if BOF section should be ignored or not at trans-id computation (eg ignore BOF at
check-sync).
enabled - enabled.
disabled - disabled.
- transaction cleartext-provisioning <enum> (default enabled)
Enable this to allow for cleartext key/passwords provisioning without going out-of-sync(i.e.
where device obfuscates/encrypts value in running-config).
enabled - enabled.
disabled - disabled.
- transaction cleartext-stored-encrypted <enum> (default disabled)
When 'cleartext-provisioning' is enabled, enable this setting to enforce keys/passwords CDB
storedvalues to be encrypted using NSO's built in encryption types (e.g.
'tailf:aes-cfb-128-encrypted-string').NOTE: the type of the values in the yang-model of alu-sr
is NOT the encrypted type by default, it is still plain 'string'. However, the service
template/code used to set the values must use an encrypted type.The NED can be instructed to
use tailf:aes-cfb-128-encrypted-string for passwords by default and hence to do
auto-encryption of the passwords, but this requires to recompile the NED with
NEDCOM_SECRET_TYPE flag set (eg 'make NEDCOM_SECRET_TYPE="tailf:aes-cfb-128-encrypted-string"
clean all').
enabled - enabled.
disabled - disabled.
- transaction abort-on-diff <true|false> (default false)
Enable to detect diff immediately when config is applied (i.e. in commit/abort/revert).
If a diff is detected an exception is thrown, having the effect in commit that the transaction
is aborted (showing the diff). Note that this means some overhead in commit, where whole config
needs to be retrieved from device to do compare. It's a more exact way to detect OOB changes,
silently dropped config, and unknown side-effects to config (i.e. all causing a diff compared
to NSO state). In fact, it's the only method which guarantees that the config was actually
applied as desired. Since this incurs overhead it is strongly adviced that this feature is
only used during development.13.1. ned-settings alu-sr transaction config-abort-warning
Configure additional device warnings that shall be treated as errors and trigger an abort in the NED. Enter as a regex.
- transaction config-abort-warning <warning>
- warning <string>
Warning regular expression, e.g. '.*interface.* does not exist.*' . NOTE: please use
lowercase letters for device warnings, except for regex keywords.13.2. ned-settings alu-sr transaction config-ignore-error
Configure additional device errors that shall be treated as warnings (i.e. to be ignored, not aborting transaction).
- transaction config-ignore-error <error>
- error <string>
Warning regular expression, e.g. '^.*interface.* does not exist.*$'. NOTE: please use
lowercase letters for device warnings, except for regex keywords.14. ned-settings alu-sr console
Settings used while interacting with a device.
- console line-feed <string>
Overwrites default line-feed character.Last updated
Was this helpful?